C$ crawling disabled

Question

C$ crawling disabled

Dfte opened this issue 5 months ago · comments

Hey!

After using this tool for at least 2 years I just realized it doesn't crawl the c$ share.
Got it, it would be insanly long but I was wondering if it wouldn't be interesting to authorize the c:\users share as it will probably contain a lot of secrets (especially c:\users\whoami\desktop).

I haven't dug into the code but I was wondering two things:

Is this something you'd be keen to merge ?
How difficult would it be for me to help you on that task ?

Thanks in advance for the answer ;)
Deft_

TheTechromancer · Answer 1 · Wed Feb 28 2024 00:19:42 GMT+0800 (China Standard Time)

This can be overridden via the command line:

shares excluded: C$, IPC$, ADMIN$, PRINT$ (override with --exclude-sharenames)

E.g.:

# enable crawling of C$ share
manspider --exclude-sharenames 'IPC$' 'ADMIN$' 'PRINT$'

Deft_ · Answer 2 · Wed Feb 28 2024 00:30:03 GMT+0800 (China Standard Time)

Ok my bad, using the --exclude-sharenames and --exclude-direnames I can crawl c:\users that way:

manspider --exclude-sharenames IPC$ ADMIN$ PRINT$ --exclude direnames Windows PerfLogs Program Files*

Thanks for the answer! :)